A critical PHP object injection vulnerability in the Mirasvit Full Page Cache Warmer extension for Magento 2 / Adobe Commerce, tracked as CVE-2026-45247, allows unauthenticated … Read More
Vulnerability Intelligence Report — June 4, 2026 Coverage: June 3–4, 2026 | New CISA KEV additions: 1 | New items: 5 | KEV deadlines today: … Read More
A high-severity vulnerability in Genetec Security Center, tracked as CVE-2026-40619, allows an attacker with local operating system privileges on the main server to access Server … Read More
Eight vulnerabilities have been disclosed in OpenTelemetry eBPF Instrumentation, an open-source observability framework that provides eBPF-based instrumentation for the OpenTelemetry standard. The vulnerabilities span CVSS … Read More
A vulnerability in NiceGUI, a Python-based UI framework, tracked as CVE-2026-45554, could allow attackers to trigger uncaught exceptions through two FastAPI routes that serve per-component … Read More
A critical remote code execution vulnerability in OpenMed, tracked as CVE-2026-47117, allows attackers to achieve arbitrary code execution by manipulating the PII privacy-filter model loading … Read More
A resource exhaustion vulnerability in the elixir-mint HTTP client library, tracked as CVE-2026-48862, allows remote attackers to cause denial of service by sending attacker-controlled HTTP/2 … Read More
An improper access control vulnerability in Devolutions Server, tracked as CVE-2026-9590, allows authenticated users with entry edit privileges to modify asset information without the required … Read More
Two vulnerabilities in the ARMember Premium WordPress membership plugin, tracked as CVE-2026-5076 and CVE-2026-5073, create a dangerous attack chain enabling full site compromise. CVE-2026-5076 (CVSS … Read More
A privilege escalation vulnerability in the Linux kernel’s cgroups v1 subsystem, tracked as CVE-2022-0492, allows local attackers to break out of namespace isolation and escalate … Read More
